My First post - and it's a nightmare one!

  • My First post - and it's a nightmare one!

    Hi everyone....used this forum for years, but thought it was about time I registered and posted a tricky little problem of my own on here...!

    I have a Windows 2003 AD forest with several child domains, running in hybrid mode. We have recently set up an operation in Poland, which has issues with power failures 3-4 times a week, meaning servers have been dropping out without shutting down properly. We have also had the additional problems of a nightmare few months at one of our main datacentres with floods and power failures. All in all not very good for the system or my heart!

    However, it appeared a few weeks ago that the DNS for our root .com zone had disappeared. There was an entry in the event logs saying the PDC emulator had received a transfer request for the .com zone to move into the sub domain! Needless to say this failed, and consequently the whole thing went mad. As we had a backup of our .com server I restored the VMimage and brought the server back up from a week ago to recover the DNS records, as they were AD integrated. Our southern office meanwhile set up a new AD integrated copy of the DNS with the new records. However, this was only configured to replicate to all ADs in domain instead of all DNS servers in forest....the UK servers seemed OK until the following Monday when they all suddenly realised the .com DNS had gone and deleted the historical copy they had been running! I managed to resolve this and things started coming back to life.

    However - our Poland site refused to replicate the .com DNS to any of the DCs over there, even after I attempted a demote and a re-promote of the server. After changing the DNS servers to look at the UK only, I managed to get one of the servers replicating the DNS again, but things are not right at all. We made the decision we needed a server in the UK to try and help things along in case of catastrophic failure in the Poland office. This server would not join the Poland domain as an AD until I had joined it to the pl.domain as a member server and rebooted....then it worked. I did a role transfer to promote it to RID/Ops/Infra master for the pl domain, and records on the DCs over there show it transferred them correctly. If I run Sites & Services on a pl server in Poland, I can see the new pl server in the Manchester site. However, if I look on the .com DCs, neither of them see it exists. Furthermore, the pl DCs will not replicate each other in Poland, citing RPC errors.

    To make matters worse, today we have started experiencing problems with Outlook users. Random XP users are getting timeouts and "server offline" errors when trying to use Outlook (including my boss!). There seems to be no pattern whatsoever to this, some are fine, some fail.

    I have run duplicate SID checks on all the servers, I have checked in ntdsutil to see if the Manchester site records the new server (it doesn't), and checked to make sure no old servers are kicking about in the sites (there aren't). replmon reports that replication hasn't run since 23/07 - which is when the DNS issues kicked off. There are no problems with RPC traffic (all sites are connected via BT MPLS, no firewalls). repadmin /showreps shows 240 consecutive failures to our Poland site server (it doesn't even mention the other one on site) - reporting error 1256, Can't retrieve message string 1256, error 1815. I have even stopped the KDC service on the Poland DCs (except for the ops master for the domain), and forced it to renegotiate the KCC with the new DC, and rebooted and then tried again - no difference.

    It's really causing me a nightmare...things are breaking and I can't get anywhere with it. Can anyone point me in the right direction? (Please don't say a rebuild from scratch.....that is just not a viable possibility!)

    Any help would be GREATLY appreciated.....

  • #2
    Re: My First post - and it's a nightmare one!

    "I restored the VMimage and brought the server back up from a week ago"
    Was that restored image a DC?


    • #3
      Re: My First post - and it's a nightmare one!

      Yes it was, it was a .com DC - not the PDC emulator/schema master though.


      • #4
        Re: My First post - and it's a nightmare one!

        So you took a DC offline and restored it from an older image in a domain with multiple DCs?

        If so, :[